T&T-Cyber-D&R-ASM-VAPT+OSCP cert.DM-Mumbai

Mumbai, IN

Deloitte

Insights into our services in Audit, Consulting, Financial Advisory, Risk Advisory and Tax, as well as our numerous industries.


•      Plan, coordinate, and execute Vulnerability Assessment and Penetration Testing (VAPT) activities for the Bank to identify and remediate security vulnerabilities.

•      Plan, coordinate, and execute periodic application security testing assessments on Banks to identify and remediate security vulnerabilities.

•      Utilize your comprehensive understanding of OWASP Top Ten and SANS 25 vulnerabilities to prioritize testing efforts and focus on high-risk areas within applications.

•      Conduct hands-on security testing of mobile applications, web applications, and thick clients to identify security vulnerabilities and recommend mitigation strategies.

•      Lead and mentor a team of penetration testers, providing guidance, training, and support to ensure the delivery of high-quality security assessments.

•      Collaborate with cross-functional teams, including developers, IT operations, and compliance teams, to implement security best practices and drive continuous improvement in application security posture.

•      Review detailed reports and findings from VAPT activities, including actionable recommendations for remediation and risk mitigation strategies.

•      Stay informed about emerging security threats, vulnerabilities, and trends in the financial sector to proactively enhance security controls and defenses.


Requirements / Key Skills

•      In-depth knowledge of security issues, exploitation techniques and remediation measures.

•      Previous experience in handling a team of security testers.

•      Hands-on experience in Vulnerability Assessments & Penetration Testing (Automated + Manual) on business-critical assets.

•      Hands-on experience with well-known security tools: Burp Suite, Nessus, Nmap, Acunetix, Metasploit, Netsparker, Qualys etc.

•      Practical experience in auditing various Operating Systems, DB, Network and Security technologies.

•      In-depth understanding of the Common Vulnerabilities and Exposures (CVE) / CERT advisory databases.

•      Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)

•      Ability to perform in-depth analysis of VAPT results and to review assessment reports to provide risk mitigation & recommendations on that basis.

•      Familiarity with OWASP and SANS vulnerabilities, along with their validation in source code, and with other security frameworks & compliance.

•      Sound knowledge of MITRE ATT&CK framework with hacker mindset.

•      Sound knowledge of networking concepts & good understanding of the latest network/security technologies such as Cloud security and recent trends.

Desired Candidate Profile

•      Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent.

•      Certifications Preferred: OSCP, OSWE, PNPT, eWPTx, CISM.

•      Strong organizational, teamwork, multitasking & time management skills

•      8+ years of relevant working experience.

•      Outstanding communication abilities. Ability to effectively communicate the required recommendations.

•      Ability to work under pressure & in a fast-paced environment.

•      Strong attention to detail with an analytical mindset & outstanding problem-solving skills

•      Great awareness of cyber security trends & hacking techniques.


Tags: Application security ASM Audits Burp Suite CERT CISM Cloud Compliance eWPTx Firewalls IPS Metasploit MITRE ATT&CK Nessus Network security Nmap OSCP OSWE OWASP Pentesting Qualys SANS Security assessment VPN Vulnerabilities

Region: Asia/Pacific
Country: India
